From 4d321be05c0aa34921f96f38c17dd611691f3c44 Mon Sep 17 00:00:00 2001 From: FloatingGhost Date: Mon, 10 Oct 2022 15:55:58 +0100 Subject: [PATCH 1/9] Extract deactivated users query to a join --- lib/pleroma/activity.ex | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index ebfd4ed45..3556aaf9e 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -361,9 +361,11 @@ defmodule Pleroma.Activity do end def restrict_deactivated_users(query) do - deactivated_users_query = from(u in User.Query.build(%{deactivated: true}), select: u.ap_id) - - from(activity in query, where: activity.actor not in subquery(deactivated_users_query)) + query + |> join(:inner, [activity], user in User, + as: :user, + on: activity.actor == user.ap_id and user.is_active == true + ) end defdelegate search(user, query, options \\ []), to: Pleroma.Activity.Search From 749445dd50ba9376779c902584da3b55be7270bb Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Sat, 12 Nov 2022 17:52:37 -0500 Subject: [PATCH 2/9] Fix reports which do not have a user The check for deactivated users was being applied to report activities. --- lib/pleroma/web/activity_pub/activity_pub.ex | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 5099caef7..ad9eb2505 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -1239,6 +1239,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do end end + defp exclude_invisible_actors(query, %{type: "Flag"}), do: query defp exclude_invisible_actors(query, %{invisible_actors: true}), do: query defp exclude_invisible_actors(query, _opts) do @@ -1377,7 +1378,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do |> restrict_instance(opts) |> restrict_announce_object_actor(opts) |> restrict_filtered(opts) - |> Activity.restrict_deactivated_users() + |> maybe_restrict_deactivated_users(opts) |> exclude_poll_votes(opts) |> exclude_chat_messages(opts) |> exclude_invisible_actors(opts) @@ -1789,4 +1790,9 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do |> restrict_visibility(%{visibility: "direct"}) |> order_by([activity], asc: activity.id) end + + defp maybe_restrict_deactivated_users(activity, %{type: "Flag"}), do: activity + + defp maybe_restrict_deactivated_users(activity, _opts), + do: Activity.restrict_deactivated_users(activity) end From edaf0a05f8d3b9476d868e153fbca029e74b4bd3 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Sat, 12 Nov 2022 18:05:58 -0500 Subject: [PATCH 3/9] Add same optimized join for excluding invisible users --- lib/pleroma/web/activity_pub/activity_pub.ex | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index ad9eb2505..fa251394b 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -1243,12 +1243,11 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do defp exclude_invisible_actors(query, %{invisible_actors: true}), do: query defp exclude_invisible_actors(query, _opts) do - invisible_ap_ids = - User.Query.build(%{invisible: true, select: [:ap_id]}) - |> Repo.all() - |> Enum.map(fn %{ap_id: ap_id} -> ap_id end) - - from([activity] in query, where: activity.actor not in ^invisible_ap_ids) + query + |> join(:inner, [activity], u in User, + as: :u, + on: activity.actor == u.ap_id and u.invisible == false + ) end defp exclude_id(query, %{exclude_id: id}) when is_binary(id) do From 39b24cdce683471372e2144dc00ed5d0f78740aa Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Sat, 12 Nov 2022 18:32:49 -0500 Subject: [PATCH 4/9] Document query performance improvement --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 889a3ebfe..30f5140bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -55,6 +55,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Fixed slow timelines when there are a lot of deactivated users - Fixed account deletion API - Fixed lowercase HTTP HEAD method in the Media Proxy Preview code +- Improved performance for filtering out deactivated and invisible users ### Removed - Quack, the logging backend that pushes to Slack channels From db76ea578a550a4cbc0298d428b9c57ba605b276 Mon Sep 17 00:00:00 2001 From: Henry Jameson Date: Mon, 12 Apr 2021 00:38:25 +0300 Subject: [PATCH 5/9] try to fix ruffle on chrome --- lib/pleroma/web/plugs/http_security_plug.ex | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex index cd1bae235..3ee48062e 100644 --- a/lib/pleroma/web/plugs/http_security_plug.ex +++ b/lib/pleroma/web/plugs/http_security_plug.ex @@ -117,7 +117,9 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do if Config.get(:env) == :dev do "script-src 'self' 'unsafe-eval'" else - "script-src 'self'" + # TODO right now unsafe-eval is needed for WASM to load in chrome + # see: https://github.com/WebAssembly/content-security-policy/issues/7 + "script-src 'self' 'unsafe-eval'" end report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"] From 79bd363a68cce0600c93eaa4ac08782333c3e8bb Mon Sep 17 00:00:00 2001 From: HJ <30-hj@users.noreply.git.pleroma.social> Date: Wed, 16 Nov 2022 21:27:04 +0000 Subject: [PATCH 6/9] Update lib/pleroma/web/plugs/http_security_plug.ex --- lib/pleroma/web/plugs/http_security_plug.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex index 3ee48062e..7a987a30b 100644 --- a/lib/pleroma/web/plugs/http_security_plug.ex +++ b/lib/pleroma/web/plugs/http_security_plug.ex @@ -119,7 +119,7 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do else # TODO right now unsafe-eval is needed for WASM to load in chrome # see: https://github.com/WebAssembly/content-security-policy/issues/7 - "script-src 'self' 'unsafe-eval'" + "script-src 'self' 'wasm-unsafe-eval'" end report = if report_uri, do: ["report-uri ", report_uri, ";report-to csp-endpoint"] From a31d3589ed8c91cceece7dbdf362c9bfe69e0115 Mon Sep 17 00:00:00 2001 From: HJ <30-hj@users.noreply.git.pleroma.social> Date: Wed, 16 Nov 2022 21:28:35 +0000 Subject: [PATCH 7/9] Update http_security_plug.ex --- lib/pleroma/web/plugs/http_security_plug.ex | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex index 7a987a30b..34895c8d5 100644 --- a/lib/pleroma/web/plugs/http_security_plug.ex +++ b/lib/pleroma/web/plugs/http_security_plug.ex @@ -117,8 +117,6 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do if Config.get(:env) == :dev do "script-src 'self' 'unsafe-eval'" else - # TODO right now unsafe-eval is needed for WASM to load in chrome - # see: https://github.com/WebAssembly/content-security-policy/issues/7 "script-src 'self' 'wasm-unsafe-eval'" end From cddcafee7f69fc832b18a66a78a7d47692553ae5 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Thu, 17 Nov 2022 12:02:32 -0500 Subject: [PATCH 8/9] Document inclusion of wasm-unsafe-eval --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 56f328234..66d01e005 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Updated the recommended pleroma.vcl configuration for Varnish to target Varnish 7.0+ - Set timeout values for Oban queues. The default is infinity and some operations may not time out on their own. - Delete activities are federated at lowest priority +- CSP now includes wasm-unsafe-eval ### Added - `activeMonth` and `activeHalfyear` fields in NodeInfo usage.users object From c7a0df8006f45df6f186c9b441cfb6346cec13f4 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 18 Nov 2022 10:09:52 -0500 Subject: [PATCH 9/9] Remove Quack from docs and cheatsheet --- docs/configuration/cheatsheet.md | 16 +++++++--------- docs/development/API/admin_api.md | 13 ++++++------- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 0dbf71aba..314fdbbab 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -778,7 +778,7 @@ Web Push Notifications configuration. You can use the mix task `mix web_push.gen * ``private_key``: VAPID private key ## :logger -* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack +* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog An example to enable ONLY ExSyslogger (f/ex in ``prod.secret.exs``) with info and debug suppressed: ```elixir @@ -801,10 +801,10 @@ config :logger, :ex_syslogger, See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/) -An example of logging info to local syslog, but warn to a Slack channel: +An example of logging info to local syslog, but debug to console: ```elixir config :logger, - backends: [ {ExSyslogger, :ex_syslogger}, Quack.Logger ], + backends: [ {ExSyslogger, :ex_syslogger}, :console ], level: :info config :logger, :ex_syslogger, @@ -812,14 +812,12 @@ config :logger, :ex_syslogger, ident: "pleroma", format: "$metadata[$level] $message" -config :quack, - level: :warn, - meta: [:all], - webhook_url: "https://hooks.slack.com/services/YOUR-API-KEY-HERE" +config :logger, :console, + level: :debug, + format: "\n$time $metadata[$level] $message\n", + metadata: [:request_id] ``` -See the [Quack Github](https://github.com/azohra/quack) for more details - ## Database options diff --git a/docs/development/API/admin_api.md b/docs/development/API/admin_api.md index c46f83839..f6e9f7d2a 100644 --- a/docs/development/API/admin_api.md +++ b/docs/development/API/admin_api.md @@ -1064,7 +1064,6 @@ List of settings which support only full update by key: ```elixir @full_key_update [ {:pleroma, :ecto_repos}, - {:quack, :meta}, {:mime, :types}, {:cors_plug, [:max_age, :methods, :expose, :headers]}, {:auto_linker, :opts}, @@ -1084,18 +1083,18 @@ List of settings which support only full update by subkey: ] ``` -*Settings without explicit key must be sended in separate config object params.* +*Settings without explicit key must be sent in separate config object params.* ```elixir -config :quack, - level: :debug, - meta: [:all], +config :foo, + bar: :baz, + meta: [:data], ... ``` ```json { "configs": [ - {"group": ":quack", "key": ":level", "value": ":debug"}, - {"group": ":quack", "key": ":meta", "value": [":all"]}, + {"group": ":foo", "key": ":bar", "value": ":baz"}, + {"group": ":foo", "key": ":meta", "value": [":data"]}, ... ] }